Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.8
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiProxy 7.4.8 Administration Guide
    7.4.8
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.0
    7.0.19
    7.0.17
    7.0.0
    2.0.0
    1.2.0
    1.1.0
    1.0.0

    Diagnostics

    Diagnostics

    Administrators can use the Diagnostics page to create a filter on an interface to capture a specified number of packet streams to examine in real-time with header and payload information. Once completed, packets can be filtered by various fields or through the search bar. The capture can be saved as a PCAP file that you can use with a third-party application, such as Wireshark, for further analysis.

    To capture packets in the GUI:

    1. Go to Network > Diagnostics and select one or multiple interfaces (default is any).

    2. Optionally, enable Maximum captured packets and enter a number which is the maximum number of packets that the FortiProxy will capture. The default is 100. When disabled, the FortiProxy automatically stops after capturing 50,000 packets to preserve memory.

    3. Optionally, enable Filters and select a Filtering syntax:

      1. Basic: enter criteria for the Host, Hostname, Port, and Protocol number.

      2. Advanced: enter a string, such as src host 172.16.200.254 and dst host 172.16.200.1 and dst port 443.

    4. Click Start capture. The capture is visible in real-time.

    5. While the capture is running, select a packet, then click the Headers or Packet Data tabs to view more information.

    6. When the capture is finished, click Save as pcap. The PCAP file is automatically downloaded.

    7. Optionally, use the Search bar or the column headers to filter the results further.

    For more granular sniffer output with various verbose settings, use diagnose sniffer packet <interface> <'filter'> <verbose> <count> <tsformat>.
    Previous
    Next

    Diagnostics

    Diagnostics

    Administrators can use the Diagnostics page to create a filter on an interface to capture a specified number of packet streams to examine in real-time with header and payload information. Once completed, packets can be filtered by various fields or through the search bar. The capture can be saved as a PCAP file that you can use with a third-party application, such as Wireshark, for further analysis.

    To capture packets in the GUI:

    1. Go to Network > Diagnostics and select one or multiple interfaces (default is any).

    2. Optionally, enable Maximum captured packets and enter a number which is the maximum number of packets that the FortiProxy will capture. The default is 100. When disabled, the FortiProxy automatically stops after capturing 50,000 packets to preserve memory.

    3. Optionally, enable Filters and select a Filtering syntax:

      1. Basic: enter criteria for the Host, Hostname, Port, and Protocol number.

      2. Advanced: enter a string, such as src host 172.16.200.254 and dst host 172.16.200.1 and dst port 443.

    4. Click Start capture. The capture is visible in real-time.

    5. While the capture is running, select a packet, then click the Headers or Packet Data tabs to view more information.

    6. When the capture is finished, click Save as pcap. The PCAP file is automatically downloaded.

    7. Optionally, use the Search bar or the column headers to filter the results further.

    For more granular sniffer output with various verbose settings, use diagnose sniffer packet <interface> <'filter'> <verbose> <count> <tsformat>.
    Previous
    Next